W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: Fwd: New Version Notification for draft-nottingham-http2-encryption-02.txt

From: Paul Hoffman <paul.hoffman@gmail.com>
Date: Sat, 14 Dec 2013 11:14:33 -0800
Message-ID: <CAPik8yayuJrTuZ5UCm8w6ZktGO8LDsuy5At4EtnckLHcC-r-yQ@mail.gmail.com>
To: William Chan (陈智昌) <willchan@chromium.org>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
On Fri, Dec 13, 2013 at 9:20 PM, William Chan (陈智昌)
<willchan@chromium.org>wrote:

> I don't know what the "do it in HTTP/2 itself" proposal is.


http://tools.ietf.org/html/draft-hoffman-httpbis-minimal-unauth-enc-01


> I thought
> your proposal was advertising opportunistic encryption in DNS.


That is orthogonal, and is *not* opportunistic encryption: it allows a
browser to change the URI scheme from "http:" to "https:".


> Anyhow,
> we don't support any type of opportunistic encryption, especially
> unauthenticated. We want people to use https://, therefore we more or
> less only plan to support HTTP/2 for https:// URIs. Let me know if
> this still leaves anything unclear.
>

That's completely clear.

I disagree with your conclusion, and still want HTTP/2 to enable
opportunistic encryption in a way that browsers and servers will deploy,
but I'm not a browser vendor.

--Paul Hoffman
Received on Saturday, 14 December 2013 19:15:01 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:20 UTC